Like other network events and security incidents, ransomware infections should be integrated into your overall business continuity efforts and incident response plan. This checklist steps you through the process.

While no two cybersecurity incidents are the same, questions from the media, customers and other external stakeholder groups tend to cover the same topics following the disclosure of a breach. This checklist contains 10 of the most commonly asked questions companies should be prepared to answer following a cybersecurity incident, along with high-level guidance for responding to inquiries.

This high-level communications checklist is designed to be followed during the first 72 hours of an incident. It is meant to guide the response process as the incident develops and should be adjusted to suit a company’s bandwidth and operations, as well as the circumstances of the incident.